FEATURE SELECTION AND CLASSIFICATION OF INTRUSION DETECTION SYSTEM USING ROUGH SET

With the expansion of computer network there is a challenge to compete with the intruders who can easily break into the system. So it becomes a necessity to device systems or algorithms that can not only detect intrusion but can also improve the detection rate. In this paper we propose an intrusion detection system that uses rough set theory for feature selection, which is extraction of relevant attributes from the entire set of attributes describing a data packet and used the same theory to classify the packet if it is normal or an attack. After the simplification of the discernibility matrix we were to select or reduce the features. We have used Rosetta tool to obtain the reducts and classification rules. NSL KDD dataset is used as training set and is provided to Rosetta to obtain the classification rules

Rough Set Discretize Classification of Intrusion Detection System

Many pattern classification tasks confront with the problem that may have a very high dimensional feature space like in Intrusion Detection System (IDS) data. Rough set is widely used in IDS to overcome the arising issue. In rough set, there are several stage processing including discretization part which is a vital task in data mining, particularly in the classification problem. Two results distinguish showing that the discretization stage is hugely important in both training and testing of IDS data. In proposed framework, analysis should been done to discretization, reduct and rules stage to determine the significant algorithm and core element in IDS data. The classification using standard voting, since it is a rule-based classification

Rough Set-hypergraph-based Feature Selection Approach for Intrusion Detection Systems

Immense growth in network-based services had resulted in the upsurge of internet users, security threats and cyber-attacks. Intrusion detection systems (IDSs) have become an essential component of any network architecture, in order to secure an IT infrastructure from the malicious activities of the intruders. An efficient IDS should be able to detect, identify and track the malicious attempts made by the intruders. With many IDSs available in the literature, the most common challenge due to voluminous network traffic patterns is the curse of dimensionality. This scenario emphasizes the importance of feature selection algorithm, which can identify the relevant features and ignore the rest without any information loss. In this paper, a novel rough set κ-Helly property technique (RSKHT) feature selection algorithm had been proposed to identify the key features for network IDSs. Experiments carried using benchmark KDD cup 1999 dataset were found to be promising, when compared with the existing feature selection algorithms with respect to reduct size, classifier’s performance and time complexity. RSKHT was found to be computationally attractive and flexible for massive datasets

Advances in Data Mining Knowledge Discovery and Applications

Advances in Data Mining Knowledge Discovery and Applications aims to help data miners, researchers, scholars, and PhD students who wish to apply data mining techniques. The primary contribution of this book is highlighting frontier fields and implementations of the knowledge discovery and data mining. It seems to be same things are repeated again. But in general, same approach and techniques may help us in different fields and expertise areas. This book presents knowledge discovery and data mining applications in two different sections. As known that, data mining covers areas of statistics, machine learning, data management and databases, pattern recognition, artificial intelligence, and other areas. In this book, most of the areas are covered with different data mining applications. The eighteen chapters have been classified in two parts: Knowledge Discovery and Data Mining Applications

Data Mining with Supervised Instance Selection Improves Artificial Neural Network Classification Accuracy

IDSs may monitor intrusion logs, traffic control packets, and assaults. Nets create large amounts of data. IDS log characteristics are used to detect whether a record or connection was attacked or regular network activity. Reduced feature size aids machine learning classification. This paper describes a standardised and systematic intrusion detection classification approach. Using dataset signatures, the Naive Bayes Algorithm, Random Tree, and Neural Network classifiers are assessed. We examine the feature reduction efficacy of PCA and the fisheries score in this study. The first round of testing uses a reduced dataset without decreasing the components set, and the second uses principal components analysis. PCA boosts classification accuracy by 1.66 percent. Artificial immune systems, inspired by the human immune system, use learning, long-term memory, and association to recognise and v-classify. Introduces the Artificial Neural Network (ANN) classifier model and its development issues. Iris and Wine data from the UCI learning repository proves the ANN approach works. Determine the role of dimension reduction in ANN-based classifiers. Detailed mutual information-based feature selection methods are provided. Simulations from the KDD Cup'99 demonstrate the method's efficacy. Classifying big data is important to tackle most engineering, health, science, and business challenges. Labelled data samples train a classifier model, which classifies unlabeled data samples into numerous categories. Fuzzy logic and artificial neural networks (ANNs) are used to classify data in this dissertation

Network intrusion detection by artificial immune system

With computer network’s fast penetration into our life, various types of malicious attacks and service abuses increase dramatically. Network security has become one of the big challenges in the modern networks. Intrusion Detection (ID) is one of the active branches in network security research field. Many technologies, such as neural networks, fuzzy logic and genetic algorithms have been applied in intrusion detection and the results are varied. In this thesis, an Artificial Immune System (AIS) based intrusion detection is explored. AIS is a bio-inspired computing paradigm that has been applied in many different areas including intrusion detection. The main objective of our research is to improve the AIS based Intrusion Detection System’s (IDS) performance on detection while keeping its system computing complexity to a low level. An IDS requires specified monitoring parameter set. In a computer network, there are many parameters can be collected or monitored. The quantity of parameters could be real big. These parameters can be used for the intrusion detection purpose. However, the significance of these parameters in intrusion detection can be very different. If all parameters were used, the computing complexity of IDS would be high. Therefore the selection of a group of significant parameters is necessary. This process is called feature selection. Two feature selection algorithms, i.e. Rough set algorithm (RSA) and linear genetic programming (LPG) are selected and compared in this thesis. An improved AIS based IDS with these two feature selection algorithms are studied. A basic feature selection algorithm only picks the features to be used, assuming they have equal contribution towards the system performance and that is not the case in reality. Therefore weighing the parameters’ contribution in the IDS is expected to further improve the performance. However, assigning weights to the selected features is not an easy work. In this thesis, a weight distribution scheme among selected features is proposed. With a simplified exhausted approach, an optimal weight allocation is obtained. The results show that the improved AIS based IDS with weighted feature selection can achieve 99.98 % of true positive rate while keeping the true negative rate at 99.94%. These results are obtained from the experiment on the popular testing dataset: KDD Cup 99. The results indicate the proposed scheme outperforms most of the existing IDS on the same testing data set

Intelligent black hole detection in mobile AdHoc networks

Security is a critical and challenging issue in MANET due to its open-nature characteristics such as: mobility, wireless communications, self-organizing and dynamic topology. MANETs are commonly the target of black hole attacks. These are launched by malicious nodes that join the network to sabotage and drain it of its resources. Black hole nodes intercept exchanged data packets and simply drop them. The black hole node uses vulnerabilities in the routing protocol of MANETS to declare itself as the closest relay node to any destination. This work proposed two detection protocols based on the collected dataset, namely: the BDD-AODV and Hybrid protocols. Both protocols were built on top of the original AODV. The BDD-AODV protocol depends on the features collected for the prevention and detection of black hole attack techniques. On the other hand, the Hybrid protocol is a combination of both the MI-AODV and the proposed BDD-AODV protocols. Extensive simulation experiments were conducted to evaluate the performance of the proposed algorithms. Simulation results show that the proposed protocols improved the detection and prevention of black hole nodes, and hence, the network achieved a higher packet delivery ratio, lower dropped packets ratio, and lower overhead. However, this improvement led to a slight increase in the end-to-end delay

Shared Nearest-Neighbor Quantum Game-Based Attribute Reduction with Hierarchical Coevolutionary Spark and Its Application in Consistent Segmentation of Neonatal Cerebral Cortical Surfaces

© 2012 IEEE. The unprecedented increase in data volume has become a severe challenge for conventional patterns of data mining and learning systems tasked with handling big data. The recently introduced Spark platform is a new processing method for big data analysis and related learning systems, which has attracted increasing attention from both the scientific community and industry. In this paper, we propose a shared nearest-neighbor quantum game-based attribute reduction (SNNQGAR) algorithm that incorporates the hierarchical coevolutionary Spark model. We first present a shared coevolutionary nearest-neighbor hierarchy with self-evolving compensation that considers the features of nearest-neighborhood attribute subsets and calculates the similarity between attribute subsets according to the shared neighbor information of attribute sample points. We then present a novel attribute weight tensor model to generate ranking vectors of attributes and apply them to balance the relative contributions of different neighborhood attribute subsets. To optimize the model, we propose an embedded quantum equilibrium game paradigm (QEGP) to ensure that noisy attributes do not degrade the big data reduction results. A combination of the hierarchical coevolutionary Spark model and an improved MapReduce framework is then constructed that it can better parallelize the SNNQGAR to efficiently determine the preferred reduction solutions of the distributed attribute subsets. The experimental comparisons demonstrate the superior performance of the SNNQGAR, which outperforms most of the state-of-the-art attribute reduction algorithms. Moreover, the results indicate that the SNNQGAR can be successfully applied to segment overlapping and interdependent fuzzy cerebral tissues, and it exhibits a stable and consistent segmentation performance for neonatal cerebral cortical surfaces

AI-based intrusion detection systems for in-vehicle networks: a survey.

The Controller Area Network (CAN) is the most widely used in-vehicle communication protocol, which still lacks the implementation of suitable security mechanisms such as message authentication and encryption. This makes the CAN bus vulnerable to numerous cyber attacks. Various Intrusion Detection Systems (IDSs) have been developed to detect these attacks. However, the high generalization capabilities of Artificial Intelligence (AI) make AI-based IDS an excellent countermeasure against automotive cyber attacks. This article surveys AI-based in-vehicle IDS from 2016 to 2022 (August) with a novel taxonomy. It reviews the detection techniques, attack types, features, and benchmark datasets. Furthermore, the article discusses the security of AI models, necessary steps to develop AI-based IDSs in the CAN bus, identifies the limitations of existing proposals, and gives recommendations for future research directions

Uncertainty Management of Intelligent Feature Selection in Wireless Sensor Networks

Wireless sensor networks (WSN) are envisioned to revolutionize the paradigm of monitoring complex real-world systems at a very high resolution. However, the deployment of a large number of unattended sensor nodes in hostile environments, frequent changes of environment dynamics, and severe resource constraints pose uncertainties and limit the potential use of WSN in complex real-world applications. Although uncertainty management in Artificial Intelligence (AI) is well developed and well investigated, its implications in wireless sensor environments are inadequately addressed. This dissertation addresses uncertainty management issues of spatio-temporal patterns generated from sensor data. It provides a framework for characterizing spatio-temporal pattern in WSN. Using rough set theory and temporal reasoning a novel formalism has been developed to characterize and quantify the uncertainties in predicting spatio-temporal patterns from sensor data. This research also uncovers the trade-off among the uncertainty measures, which can be used to develop a multi-objective optimization model for real-time decision making in sensor data aggregation and samplin